| |
|
|
neighbor password
Enables/disables MD5 authentication on a TCP connection between two BGP peers.
Syntax: neighbor {ip-address | peer-group-name} encryption password string
[no] neighbor {ip-address | peer-group-name} password
ip-address
IP address of the BGP speaker neighbor.
peer-group-name
Name of a BGP peer group.
encryption
Specifies whether password encryption is enabled or not. Valid values: 0 - disabled, 7 - enabled. Default: 7 - enabled.
string
Password of up to 80 characters.
Description: Authentication between two BGP peers causes each segment sent on the TCP connection to be verified.
Use the neighbor password command to enable authentication. The same password must be used on both systems. If different passwords are used, the connection will fail.
The password string may be up to 80 characters and may contain any alphanumeric characters, including spaces. Do not specify a password with a space immediately following a number.
All the members of the BGP peer group specified by peer-group-name will inherit the password attribute configured with this command.
Use the no neighbor password command to disable MD5 authentication.
Factory Default: MD5 authentication disabled.
Command Mode: Router configuration.
Example 1: In the following example,
- The neighbor ip-address password commands configure neighbors 121.80.100.4 and 121.80.100.5 to share the encrypted password techpubspassword2
- The show ip bgp neighbor command displays the setting:
router#router bgp 101
router(config-router)#neighbor 121.80.100.4 remote-as 101
router(config-router)#neighbor 121.80.100.4 password 7 techpubspassword2
router(config-router)#neighbor 121.80.100.5 remote-as 101
router(config-router)#neighbor 121.80.100.5 password 7 techpubspassword2
router(config-router)#end
router#show ip bgp neighbor 121.80.100.4
BGP neighbor 121.80.100.4 using remote AS 101
router ID: 0.0.0.0 version: 4
state: Active time: 0:00:00
def orignat: False ebgp multihop: False
n hop self: False route ref client: False
send comm: False soft reconfig: False
hold time: 180 sec keepalive time: 60 sec
advertisement interval: 5 sec
# notf rcvd: 0 # msg rcvd: 0 # updates rcvd: 0
# notf sent: 0 # msg sent: 0 # updates sent: 0
number of prefixes received: 0
authentication password: BFCALACIEDCCFNPN
.
.
.
Example 2: In the following example, the neighbor peer-group password command configures the members of peer group techpubs to share the password techpubspassword2:
router#router bgp 101
router(config-router)#neighbor techpubs peer-group
router(config-router)#neighbor techpubs password techpubspassword2
Example 3: In the following example, the no neighbor techpubs password command removes the password attribute from the peer group techpubs:
router#router bgp 101
router(config-router)#no neighbor techpubs password
Related Commands: neighbor peer-group
show ip bgp neighbors
| |
|
|
Copyright © 2004
Avici Systems Inc.
Avici® and TSR®
is a registered trademark of Avici Systems Inc.
IPriori™, Composite Links™, SSR™, QSR, and NSR® are
trademarks of Avici Systems Inc.
Source
File Name: BGP_Nd.fm
HTML File Name: BGP_Nd34.html
Last Updated: 05/10/04 at 16:36:55